Hello and welcome back to The Breach Report!
August didn’t slow down. From credit bureaus to healthcare giants, universities, governments, and even credit unions — attackers zeroed in on blind spots across finance, healthcare, SaaS platforms, and critical infrastructure.
The recurring themes? Third-party weaknesses, SaaS supply-chain attacks, and zero-day exploits.
Follow along and subscribe to keep up-to-date on key data breaches each month.
🚨 Top 7 Data Breaches of August 2025
1. TransUnion Data Breach (USA)
What happened: On August 28, TransUnion disclosed that hackers accessed the personal data of 4.46 million Americans, including Social Security numbers, through a third-party software vulnerability.
Impact: Credit reports, SSNs, and other sensitive details put millions at heightened risk of fraud and identity theft. Free monitoring was offered.
Lesson: Even highly regulated financial institutions remain exposed when vendor ecosystems are weak.
Source: Read More
2. DaVita Healthcare Breach (USA)
What happened: A ransomware attack dating back to March came to light in August, exposing 2.7 million patient records.
Impact: Sensitive medical histories, insurance details, and SSNs were stolen. DaVita is notifying victims and offering identity protection services.
Lesson: Healthcare remains a top ransomware target, with life-critical consequences if systems go offline.
Source: Read More
3. Columbia University Attack (USA)
What happened: Hackers breached Columbia’s systems in early August, stealing the data of ~869,000 individuals including students and staff.
Impact: Academic records, SSNs, health data, and financial aid information were compromised.
Lesson: Higher education remains a soft target, often with sprawling systems and underfunded defenses.
Source: Read More
What happened: A Microsoft SharePoint zero-day (CVE-2025-53770) was exploited mid-August by suspected Chinese state actors (“Salt Typhoon”).
Impact: Staff names, job titles, emails, and device management data were exposed.
Lesson: Zero-days in core collaboration tools are a growing national security risk. Rapid patching and layered defenses are essential.
Source: Read More
5. Farmers Insurance Salesforce Breach (USA)
What happened: Farmers confirmed customer data exposure after the ShinyHunters Salesforce supply-chain attack.
Impact: 1.1 million records including names, policy info, and contact details were stolen.
Lesson: SaaS platforms like Salesforce are now prime attack vectors; vendor security must be treated as mission-critical.
Source: Read More
6. Salesloft/Workday/Wider SaaS Supply Chain (USA)
What happened: Between August 8–18, attackers leveraged stolen OAuth tokens from a Salesloft–Drift integration to breach over 700 Salesforce customers, including Workday, Palo Alto Networks, and Cloudflare.
Impact: Sensitive CRM data and customer records were compromised across industries.
Lesson: Token-based attacks are the new frontier — continuous monitoring and least-privilege controls are non-negotiable.
Source: Read More
7. Connex Credit Union Breach (USA)
What happened: A Connecticut-based credit union revealed on August 7 that 172,000 members had data stolen in a June attack.
Impact: Names, debit card numbers, SSNs, and government IDs were exposed. Victims offered free identity theft protection.
Lesson: Regional financial institutions remain at risk — and face reputational damage if disclosure lags.
Source: Read More
🖥️ Industry Highlights: What’s in the Hot Seat
SaaS platforms under siege — The Salesforce ecosystem breach proves OAuth and vendor integrations are the next big battleground.
Healthcare in the crosshairs — DaVita continues the trend of healthcare providers being prime ransomware targets.
Zero-day chaos — Canada’s House of Commons breach highlights the danger of unpatched enterprise tools.
Education exposed — Columbia University adds to a string of academic institutions facing devastating data theft.
🛡️ Pro Tips & Tools
Vet SaaS integrations — review token lifetimes, permissions, and monitoring.
Prioritize zero-day readiness — patch fast, monitor anomalies, and test incident response.
Encrypt sensitive academic and healthcare records by default.
Ensure vendors provide transparent breach notification SLAs.
Layer identity protection — MFA, passkeys, and proximity-based authentication reduce exposure.
⚠️ Emerging Threats to Watch
OAuth token hijacking — expect a wave of similar supply-chain breaches.
Healthcare data commoditization — stolen medical records are increasingly monetized on dark markets.
Nation-state zero-days — SharePoint and other productivity tools remain high-value targets.
Regional institutions under pressure — credit unions and smaller banks are in the firing line.
📊 Poll
Which of these blind spots worries you most after August’s breaches?
🔲 SaaS Supply-Chain Integrations (Salesforce, Workday, etc.)
🔲 Healthcare Data Protection (medical records, insurance info)
🔲 Zero-Day Vulnerabilities (SharePoint, collaboration tools)
🔲 Financial & Credit Data Security (SSNs, account numbers)
🔲 Government & Academic Systems (universities, public sector)
💡 Final Thoughts
August underscored a truth we can’t ignore: your ecosystem is only as strong as its weakest SaaS vendor, unpatched zero-day, or under-resourced partner.
From TransUnion’s millions of leaked SSNs to the Salesforce OAuth debacle, attackers are exploiting the cracks in third-party services, healthcare systems, and public institutions.
The big takeaway? It’s not enough to secure your own perimeter. You must demand accountability from every vendor, every platform, and every integration.
Stay vigilant, stay proactive, and we’ll see you in September with the next Breach Report!